Comments on: What’s in a window.name? http://ajaxian.com/archives/whats-in-a-windowname Cleaning up the web with Ajax Fri, 12 Mar 2010 20:52:16 -0600 http://wordpress.org/?v=2.8.4 hourly 1 By: newz2000 http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263801 newz2000 Wed, 14 May 2008 15:01:20 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263801 Is this a security vulnerability (or information leakage)? It seems to me to be merely a way for consenting pages to pass information. Is this a security vulnerability (or information leakage)? It seems to me to be merely a way for consenting pages to pass information.

]]> By: paftek http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263795 paftek Wed, 14 May 2008 09:10:00 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263795 @KevinWeibell: +1 Andrea Giammarchi blogged about this more than one year ago... @KevinWeibell: +1
Andrea Giammarchi blogged about this more than one year ago…

]]> By: Jordan http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263786 Jordan Wed, 14 May 2008 03:25:55 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263786 There are some obvious problems to this: 1) If the user opens a page in another tab, the window name is lost. 2) If a script on the page, maybe an advertisement script or what not, creates a global variable with the name "name", it will override the window.name variable. There are some obvious problems to this:

1) If the user opens a page in another tab, the window name is lost.

2) If a script on the page, maybe an advertisement script or what not, creates a global variable with the name “name”, it will override the window.name variable.

]]> By: ibolmo http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263783 ibolmo Wed, 14 May 2008 00:08:17 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263783 I'm still surprised by the security threats that everyone is afraid of. It's only an issue if someone uses window.name. Don't make the world spin on a dime, when there's bigger issues out there. I’m still surprised by the security threats that everyone is afraid of. It’s only an issue if someone uses window.name. Don’t make the world spin on a dime, when there’s bigger issues out there.

]]> By: arapehl http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263780 arapehl Tue, 13 May 2008 19:00:07 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263780 The fact that other sites could read the data without difficulty is a major issue and could keep this from ever really being used as a cookie replacement. It could however be used as a state manager for Ajax/Flash apps that track movements throughout an app by storing the current state in an iframe/url hash combination (re: YUI History Manager). The fact that other sites could read the data without difficulty is a major issue and could keep this from ever really being used as a cookie replacement.

It could however be used as a state manager for Ajax/Flash apps that track movements throughout an app by storing the current state in an iframe/url hash combination (re: YUI History Manager).

]]> By: JeromeLapointe http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263779 JeromeLapointe Tue, 13 May 2008 18:18:42 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263779 A little hackish but it's a pretty clever idea! Good example of "thinking outside the box". A little hackish but it’s a pretty clever idea! Good example of “thinking outside the box”.

]]> By: KevinWeibell http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263778 KevinWeibell Tue, 13 May 2008 17:22:33 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263778 Don't want to spoil all the fun... but this is not that new of a thing. Check out Andrea Giammarchi's <a href="http://webreflection.blogspot.com/2007/06/jstone-javascript-temporary-object.html" rel="nofollow">JSTONE</a> and <a href="http://webreflection.blogspot.com/2007/10/cow-web-ram-javascript-function-to.html" rel="nofollow">Web RAM</a>. Cheers Don’t want to spoil all the fun… but this is not that new of a thing. Check out Andrea Giammarchi’s JSTONE and Web RAM.

Cheers

]]> By: timwhunt http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263776 timwhunt Tue, 13 May 2008 16:49:02 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263776 This is really useful, thanks for pointing it out!! However, I almost missed it because the title of the post was "clever" rather than informative. This is really useful, thanks for pointing it out!! However, I almost missed it because the title of the post was “clever” rather than informative.

]]> By: Jamie http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263773 Jamie Tue, 13 May 2008 16:24:44 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263773 how long before this security hole is plugged in all real browsers though? how long before this security hole is plugged in all real browsers though?

]]> By: PaulIrish http://ajaxian.com/archives/whats-in-a-windowname/comment-page-1#comment-263771 PaulIrish Tue, 13 May 2008 16:01:21 +0000 http://ajaxian.com/archives/whats-in-a-windowname#comment-263771 Picked this up from Leslie Orchard's del.icio.us a few days ago. Can't believe it hadn't surfaced before now! This is huge. Not to mention the ability it affords us in cross-domain messaging without iframe hacks or anything. Picked this up from Leslie Orchard’s del.icio.us a few days ago. Can’t believe it hadn’t surfaced before now!

This is huge.

Not to mention the ability it affords us in cross-domain messaging without iframe hacks or anything.

]]>