HELP! I have been looking for 2 days now to control this behavior!

I have a page setup that has a bunch of links and an iFrame on it. Once the links are clicked, it populates the iframe. One particular link goes to a login page (external site) where after the login authenticates the source window takes over my window. I thus loose all my naviagation links and this page becomes the parent.

Basically what I want to do is catch that event (the take over event - possibly in the window_onbeforeunload) and pass that iframe object into a new window - where it CAN take over the window. Thus saving my original page 'behind the new window'.

When the user is done with whatever they were doing, they can close that window down and retun to the original page.

Any guru's out there that can help????

can't you just do put a target="iframename" in your login link?

;)

No....

Here's a little more detail....

My page is an intranet page that gives our users access to our multiple 'external' links and provides that in a centralized location along with giving them the ability to 'tab' between each item...so they could be working on an expense report and then tab over to make airline tickets and then tab back (I'm setting style.display='none' and then turning it back on style.display='') to enable this behavior.

So - the link in particular, which is taking over my page is actually owned by our vendor for expense management. Asking them not to take over my parent would be easer than asking them to set thier login page to go to my iframe name. :)

<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
<script language="JavaScript">
<!--
function OnMouseDown(obj)
{
//First, we need to 'hide' all our windows, even if none are hidden yet.
document.all.I_websitelink1.style.display='none';
document.all.I_websitelink2.style.display='none';
document.all.I_websitelink3.style.display='none';

//The above 3 lines I have encapsulated into a function that actually does the same thing
//but does it by nodes rather than by explicitly changing...but, this is just an example!

//NOW, lets OPEN up our iframe that we really care about!
var myobject
myobject = document.getElementById("I_" + obj.id);
myobject.style.display='';
}
//-->
</script>
<SCRIPT ID=clientEventHandlersJS LANGUAGE=javascript>
<!--
//*******************************************************************
//** NOTE, THE BELOW IS WHAT I NEED ASSISTANCE WITH...I have *****
//** listed all the areas with further documentation - thanks *****
//*******************************************************************

function window_onbeforeunload() {

//IDEA NUMBER 1 - HELP HERE
//===================================================================
/*
//We need to check to make sure that an iframe IS in fact trying to take over,
//we wouldn't want to go into this section if the user was closing their browser,
//we only want to go into this section if we have an iframe that is trying to take over!
if(??????????)
{
//First, provide an alert to our users that we need to open a new window since the
//vendor is trying to take over our primary window.
alert("Warning - the website you requested is taking you outside our protected environment");

//Second, lets open up a new window with the redirection that the iframe is trying
//to accomplish, this works all fine and dandy, you just need to figure out which
//iframe is causing the problem and put it in the BOLDED text. In other words, by doing
//this, it properly catches the correct URL that the iframe is trying to go to. It works -
//but I need help figuring out what the conflicting iframe is.
window.open(document.all.WHATEVER_IFRAME_IS_TRYING_TO_TAKE_OVER.src, "NewWindow");

//Finally, since we were successfull in opening up a window and passing in the bad
//iframe data, we need to stop the default page from ALSO going to that page.
//SO, we need to shut down our original iframe, what is the STOP or SHUTDOWN method????
document.all.WHATEVER_IFRAME_IS_TRYING_TO_TAKE_OVER.SHUTDOWN!
}
*/
//===================================================================

//IDEA NUMBER 2 - HELP HERE
//===================================================================
/*
//We need to check to make sure that an iframe IS in fact trying to take over,
//we wouldn't want to go into this section if the user was closing their browser,
//we only want to go into this section if we have an iframe that is trying to take over!
if(??????????)
{
//First, provide an alert to our users that we need to open a new window since the
//vendor is trying to take over our primary window.
alert("Warning - the website you requested is taking you outside our protected environment");

//Second, lets open up a window, this time though - lets take our Iframe, and MOVE it to
//that window so it will not affect our primary window. Basically this is stoping us
//from having to STOP or SHUTDOWN the iframe in the primary window - because if we
//can successfully MOVE the object into the new windows container, we can let it take
//over that new container window - for we don't care!
CODEZ GOES HERE....????
}
*/
}

//-->
</SCRIPT>
</HEAD>
<BODY LANGUAGE=javascript onbeforeunload="return window_onbeforeunload()">
<a href="#" onMouseDown="OnMouseDown(this);" id=websitelink1>Expense Link</a> |
<a href="#" onMouseDown="OnMouseDown(this);" id=websitelink2>Travel Link</a> |
<a href="#" onMouseDown="OnMouseDown(this);" id=websitelink3>Purchasing Link</a>

<iframe style="display:'none'" id='I_websitelink1' width=100% height=100% ID='IConcur' FRAMEBORDER=1 src="loginpage.htm"></iframe>
<iframe style="display:'none'" id='I_websitelink2' width=100% height=100% ID='IConcur' FRAMEBORDER=1 src="sample.htm"></iframe>
<iframe style="display:'none'" id='I_websitelink3' width=100% height=100% ID='IConcur' FRAMEBORDER=1 src="sample2.htm"></iframe>

</BODY>
</HTML>

your vendor's site might have that 'frame-killer' script. so you can't control it.

why not just target that particular link to a new window instead of the iframe?

<a href="http://vendorsite.com" target="_blank">Login</a>

Yes - the vendor DOES have the frame killer script.

Targeting the link to a new window would mean that ALL my iframe targets would have to be that way. (The above example is a one to one example, mine is actually code generated and very dynamic, all the iframes have the same behavior because of the dynamic code).

What I figured I could do was 'catch' the vendor trying to take over my window and throw them into a new window at that point.

then you could have an if condition for this one special case in your server-side code.

pseudocode:

if vendor's site then
target = new window
else
target = iframe

that way you dont have to bother with catching the page going out of iframe for that one particular site.

Yes, there are a lot of things I can do - what I am looking for is a solution to the problem above, not a way to 'side step it'.

If I do server side code like you say, that would limit me to only the sites that I am aware of that have this behavior. Lets say somewhere down the road, (as soon as upper management find out how flexible this nifty page is) I have 50 links; I sure as heck don't want to search those sites on a daily bases to ensure that they didn't add that 'frames buster' script. I would rather handle it elegently - and do it the right way - the first time. Catch it if any of the links - ever - happend to break out - and simply move that breakout page into a new window. (See the comments in the 'HELP HERE' section in the code.)

Don't get me wrong, you guys are great help and have given me alternatives to my problem, I'm just hoping there is someone out there with the ultimate answer to handle this elegently.

Thanks all for your help so far!

read about cross-domain security (http://msdn.microsoft.com/library/default.asp?url=/workshop/author/om/xframe_scripting_security.asp)

Originally posted by glenngv
read about cross-domain security (http://msdn.microsoft.com/library/default.asp?url=/workshop/author/om/xframe_scripting_security.asp)

Glenngv - I fail to see how this has relevance. I'm not breaking any of those rules. I'm not trying to script content to another domain, quite the contrary, I'm trying to capture that other domain trying to 'take over' and then handle that gracefully by letting them take over - but in a new window - where they won't destroy my navigational structure..

Any luck - anyone????

Surly this can be done....help....

Originally posted by BigJunk


Glenngv - I fail to see how this has relevance. I'm not breaking any of those rules. I'm not trying to script content to another domain, quite the contrary, I'm trying to capture that other domain trying to 'take over' and then handle that gracefully by letting them take over - but in a new window - where they won't destroy my navigational structure..

see the text in red. It would require you to script content to another domain. You would need to bypass the frame killer script to open it in a new window.

Glenngv - first off, thanks for your continued help....

You can in fact have it pop open in a new window....

In the Onbefore_unload you place window.open(iframe.src) you can pop open a new window and force the content from your iframe to go there.

This works fine and dandy - but what happens is the original iframe still navigates forward.

Do you know of a way to STOP or interrupt the parent from navigating forward...without a refresh. Something like this (here's the pseudo)...

after window.open(iframe.src) - iframe on parent - HALT, return to original src of "blank.htm" and do not navigate forward.

i stick to my previous post. i think it would breach the cross-domain security to accomplish that, if at all possible

I can't believe you would say it can't be done without trying it.

The source code is above....try it. It works.

I have IE 6.

Works dandy.

Originally posted by BigJunk
I can't believe you would say it can't be done without trying it.

The source code is above....try it. It works.

I have IE 6.

Works dandy.

completely works as you wanted it?