[TYPO3-core] RFC: #13828: Login cause JS error if not in frame (access to parent is not allowed)

Steffen Kamper info at sk-typo3.de
Tue Mar 16 19:18:52 CET 2010


Hi,

Ernesto Baschny [cron IT] schrieb:
> Steffen Kamper schrieb am 16.03.2010 18:53:
> 
>> ok, i try again :)
>>
>> Your BE login is http://domain/typo3
>>
>> Now create a link to this login page anywhere and click it. The error
>> arise on the login page, because the parent.opener is filled (you come
>> from another window). You don't have to login, just the login page loaded.
> 
> OK, I give up. Unable to reproduce.
> 
> parent.opener from external link is always "null" for me (so further
> checks are skipped anyway). I tried to open the link with
> "window.open('/typo3/')" via javascript, then I have a parent.opener,
> but then parent.opener.TS is undefined, which also then skipped the
> remaining conditions.
> 
> So how do you create a parent.opener that is either NULL nor accessible??
> 

i don't create anything ;) parent is Window and opener is undefined. The 
link i use is on a different domain, so JS tries to access parent.opener 
but this is not allowed (cross domain) and the error is thrown.

vg Steffen


More information about the TYPO3-team-core mailing list