|
Home > Archive > WebSphere Portal Server > December 2005 > How to disable IE's toolbar on WPS secure pages?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
How to disable IE's toolbar on WPS secure pages?
|
|
|
| Hi List,
My customer raise a new requirement that they want to disable user browser's
toolbar (they dislike "Back", "Forward"...).
I am working on WPS 502 now, for user browser we care IE 5, 6 only. Please
help.
Thank you in advance
alex
| |
| Brian J. Sayatovic 2005-12-14, 5:59 pm |
| While there are old JavaScript tricks where you can pop up a new browser
window, turning of toolbars, addressbar, etc., you can't rely on this for
two reasons:
1. The newest browser standards are going to prevent that so that web pages
can't masquerade as system dialogs tricking users into doing bad things.
2. You can never rely on particular HTML client (i.e. browser) features for
security. Never trust the client. Always enforce security from the server.
Things like this you do in the client are only for the user's convenience,
not systematic enforcement.
Regards,
Brian.
"alex" <zhenleil@hotmail.com> wrote in message
news:dno3ur$9jn8$1@news.boulder.ibm.com...
> Hi List,
>
> My customer raise a new requirement that they want to disable user
browser's
> toolbar (they dislike "Back", "Forward"...).
> I am working on WPS 502 now, for user browser we care IE 5, 6 only. Please
> help.
>
> Thank you in advance
>
> alex
>
>
| |
|
| Thank you Brian,
Yes, you are right. Using Javascript window.open(<paramtersList> ) is the
only idea i have so far, but it will be a kind of Pop up , we have to
beware of newest browser standards that blocking pop-up.
Sigh, my project sponsor don't understand it, I have to keep working on it.
Regards
alex
"Brian J. Sayatovic" <bsayatovic@amig.com> wrote in message
news:dnpngr$7u1g$1@news.boulder.ibm.com...
> While there are old JavaScript tricks where you can pop up a new browser
> window, turning of toolbars, addressbar, etc., you can't rely on this for
> two reasons:
>
> 1. The newest browser standards are going to prevent that so that web
pages
> can't masquerade as system dialogs tricking users into doing bad things.
>
> 2. You can never rely on particular HTML client (i.e. browser) features
for
> security. Never trust the client. Always enforce security from the
server.
> Things like this you do in the client are only for the user's convenience,
> not systematic enforcement.
>
> Regards,
> Brian.
>
> "alex" <zhenleil@hotmail.com> wrote in message
> news:dno3ur$9jn8$1@news.boulder.ibm.com...
> browser's
Please[vbcol=seagreen]
>
>
|
|
|
|
|