by Thomas 'PointedEars' Lahn
and contributors
Based on the comp.lang.javascript FAQ,
version 32.2
of 2010-10-08,
by Garrett Smith
and contributors.
Available online at http://PointedEars.de/scripts/faq/cljs/
This is the meta-FAQ for comp.lang.javascript. The latest version is available at http://PointedEars.de/faq/ in HTML form.
For additional explanation and detail relating to some aspects of the FAQ, please see the FAQ Notes. It has been provided separately to avoid increasing the size of the FAQ to a point where it would be unreasonable to post it to the group.
Code examples in this FAQ use JSDoc Toolkit comments.
This document is work in progress, intended to replace the comp.lang.javascript FAQ that has gone unmaintained since 2010-10-08 CE.
The official Big 8 Usenet newsgroup dealing with javascript is comp.lang.javascript. Some "language" hierarchies also have *.comp.lang.javascript groups.
c.l.js is an unmoderated newsgroup.
The comp.lang.javascript newsgroup deals with ECMAScript languages, so any questions about JavaScript or JScript are welcome. However, the majority of questions sent to this group relates to javascript in a web browser. If you are experiencing issues with a particular browser, or the host is not a browser at all, please make this information clear.
Javascript and Java are two completely different languages. Java questions should be asked in one of the comp.lang.java.* newsgroups; they are not appropriate for c.l.js (as Java and javascript are distinct programming languages with only superficial similarities due to sharing a C-like syntax and some of the characters in their names).
Questions dealing with other scripting languages, such as VBScript, PerlScript or CGI scripting are also off-topic, as are HTML-only or CSS-only questions.
Questions that are specific to Microsoft's JScript may also be appropriately asked at: microsoft.public.scripting.jscript
The comp.lang.javascript newsgroup charter is included in faq_notes/cljs_charter.html.
Before posting to c.l.js, you should read this document. You should also check the Resources section.
Relevant announcements are welcome, but no more often than once per major release, as a short link to the product's webpage.
This could be for several reasons:
If it is not one of these, then after a few days consider reposting after checking http://groups.google.com/group/comp.lang.javascript/topics for replies. Make sure the post is phrased well, and everything needed to answer is correct, and the subject is appropriate.
ECMA-262 is the international standard that current language implementations (JavaScript™, JScript etc.) are based on.
ECMA-262
defines the language Syntax, Types, Keywords, Operators, and built-in
objects. The ECMAScript specification is the reference to determine the
expected behavior of a program. ECMAScript does not define any host
objects, such as document, window, or
ActiveXObject.
ECMA-327 defines the Compact Profile of ECMAScript by describing the features from ECMA 262 that may be omitted in some resource-constrained environments. http://www.ecma-international.org/publications/standards/Ecma-327.htm
The most widely supported edition of ECMA-262 is the 3rd edition (1999). There is fair support for this edition in JScript 5.5+ (buggy) and good support JavaScript 1.5.
For historical reasons, the term “javascript” is used herein as a shorthand for “ECMAScript-based programming languages”. Note that not all uses of that term here are correct. For example, there are instances where using “DOM” instead would have been correct. This will be fixed in a later revision.
JScript is Microsoft's implementation of ECMAScript.
Questions that are specific to Microsoft's JScript may also be appropriately asked at: microsoft.public.scripting.jscript.
The Document Object Model (DOM) is a interface-based model for Document
objects. The DOM allows scripts to dynamically access and update a
document's content, style, and event handlers.
The DOM is not part of the ECMAScript programming language.
Official DOM standards are defined by the World Wide Web Consortium.
Scriptable browsers also have proprietary DOM features (MSDN, MDC),
such as document.writeln().
Also see the section on DOM and Forms.
Internationalisation means using one form which is everywhere both acceptable and understood. Any international standard not supported by default can be coded for.
For example, there is an International Standard for numeric Gregorian date format; but none for decimal and thousands separators.
Localisation is the process of adapting software for a specific region or language by adding locale-specific components and translating text. It cannot work well in general, because it requires a knowledge of all preferences and the ability to choose the right one, in an environment where many systems are inappropriately set anyway.
ECMAScript has a few localisation features. The various
toString() methods are all implementation dependent,
but tend to use either UK or US settings (not necessarily correctly).
ECMAScript Ed. 3 introduced some capabilities, including the
toLocaleString()method which should create a string
based on the host's locale.
ECMAScript 5th Edition introduces limited ISO 8601 capabilities with
Date.prototype.toISOString() and new behavior for Date.parse().
The 5th edition of ECMAScript was approved on 2009-12-04. There is some support in implementations released before approval date (JScript 5.8, JavaScript 1.8, JavaScriptCore). http://www.ecma-international.org/publications/standards/Ecma-262.htm
Most javascript books have been found to contain so many technical errors that consensus recommendations have not emerged from the group.
The following books have been considered to have value by some individuals on c.l.js. The reviews of these books are provided:
No javascript libraries are endorsed by this group. If you want help with using a library, visit that library's discussion group instead.
This is an anonymous FunctionExpression that is called immediately after creation.
Variables declared inside a function are not accessible from outside the function. This can be useful, for example, to hide implementation details or to avoid polluting the global scope.
The term function statement has been widely and wrongly used to
describe a FunctionDeclaration. This is misleading because in ECMAScript,
a FunctionDeclaration is not a Statement; there are places in a program
where a Statement is permitted but a FunctionDeclaration is not. To add
to this confusion, some implementations, notably Mozillas', provide a
syntax extension called function statement. This is allowed under
section 16 of ECMA-262, Editions 3 and 5.
Example of nonstandard function statement:
// Nonstandard syntax, found in GMail source code. DO NOT USE.
try {
// FunctionDeclaration not allowed in Block.
function Fze(b,a){return b.unselectable=a}
/*...*/
} catch(e) { _DumpException(e) }
Code that uses function statement has three known interpretations. Some
implementations process Fze as a Statement, in order. Others, including
JScript, evaluate Fze upon entering the execution context that it
appears in. Yet others, notably DMDScript and default configuration of BESEN,
throw a SyntaxError.
For consistent behavior across implementations, do not use function
statement; use either FunctionExpression or FunctionDeclaration instead.
Example of FunctionExpression (valid):
var Fze;
try {
Fze = function(b,a){return b.unselectable=a};
/*...*/
} catch(e) { _DumpException(e) }
FunctionDeclaration (valid):
// Program code
function aa(b,a){return b.unselectable=a}
ISO 8601 defines date and time formats. Some benefits include:
The ISO Extended format for common date is YYYY-MM-DD, and for time is
hh:mm:ss.
For an event with an offset from UTC, use YYYY-MM-DDThh:mm:ss±hh:mm.
Never use a local date/time format for a non-local event. Instead, use
UTC, as in YYYY-MM-DDThh:mm:ssZ (Z is the only letter suffix).
The T can be omitted where that would not cause ambiguity. For
rfc 3339 compliance, it may be replaced by a space and for SQL,
it must be replaced by a single space.
Year 0000 is unrecognized by some formats (XML Schema, xs:date).
A local Date object where 0 <= year <= 9999 can be
formatted to a common ISO 8601 format YYYY-MM-DD with:-
/** Formats a Date to YYYY-MM-DD (local time), compatible with both
* ISO 8601 and ISO/IEC 9075-2:2003 (E) (SQL 'date' type).
* @param {Date} dateInRange year 0000 to 9999.
* @throws {RangeError} if the year is not in range
*/
function formatDate(dateInRange) {
var year = dateInRange.getFullYear(),
isInRange = year >= 0 && year <= 9999, yyyy, mm, dd;
if(!isInRange) {
throw RangeError("formatDate: year must be 0000-9999");
}
yyyy = ("000" + year).slice(-4);
mm = ("0" + (dateInRange.getMonth() + 1)).slice(-2);
dd = ("0" + (dateInRange.getDate())).slice(-2);
return yyyy + "-" + mm + "-" + dd;
}
An Extended ISO 8601 local Date format YYYY-MM-DD can be parsed to a
Date with the following:
/**Parses string formatted as YYYY-MM-DD to a Date object.
* If the supplied string does not match the format, an
* invalid Date (value NaN) is returned.
* @param {string} dateStringInRange format YYYY-MM-DD, with year in
* range of 0000-9999, inclusive.
* @return {Date} Date object representing the string.
*/
function parseISO8601(dateStringInRange) {
var isoExp = /^\s*(\d{4})-(\d\d)-(\d\d)\s*$/,
date = new Date(NaN), month,
parts = isoExp.exec(dateStringInRange);
if(parts) {
month = +parts[2];
date.setFullYear(parts[1], month - 1, parts[3]);
if(month != date.getMonth() + 1) {
date.setTime(NaN);
}
}
return date;
}
(For example: When formatting currency, how to format
6.57634 as "6.58",
6.5 as "6.50", and 6
as "6.00"?)
Rounding of x.xx5 is unreliable, as most numbers are not represented exactly. See also: Why does simple decimal arithmetic give strange results?
The statement n = Math.round(n * 100) / 100
converts n to a Number value close
to a multiple of 0.01. However, there are
problems. Converting the Number value
n to a String value
(n.toString()), does not give trailing zeroes.
Rounding numbers that are very close to x.5,
for example, Math.round(0.49999999999999992)
returns 1.
ECMA-262 Edition 3 introduced Number.prototype.toFixed().
However, there are bugs in JScript 5.8 and below with certain
values; for example, 0.007.toFixed(2) incorrectly
returns "0.00".
var numberToFixed = (function () {
/**
* @param {string} input
* Input value to be converted to string.
* @param {number} size
* Desired length of output.
* @param {string} ch
* Single character to prefix to <var>s</var>.
* @return {string}
*/
function padLeft (input, size, ch)
{
var s = input.toString();
while (s.length < size)
{
s = ch + s;
}
return s;
}
function toUnsignedString (m, digits)
{
var t,
s = Math.round(m * Math.pow(10, digits)).toString(),
start, end;
if (/\D/.test(s))
{
return m.toString();
}
s = padLeft(s, 1 + digits, "0");
start = s.substring(0, t = (s.length - digits));
end = s.substring(t);
if (end)
{
end = "." + end;
}
/* avoid "0." */
return start + end;
}
/**
* @param {number} n
* Number to be formatted
* @param {number} digits
* Number of decimal digits
* @return {string}
* The formatted string
*/
return function (n, digits) {
var unsigned = toUnsignedString(Math.abs(n), digits);
return (n < 0 ? "-" : "") + unsigned;
};
})();
// Test results
document.writeln([
"numberToFixed(9e-3, 12) => " + numberToFixed(9e-3, 12),
"numberToFixed(1.255, 2) => " + numberToFixed(1.255, 2),
"numberToFixed(1.355, 2) => " + numberToFixed(1.355, 2),
"numberToFixed(0.1255, 3) => " + numberToFixed(0.1255, 3),
"numberToFixed(0.07, 2) => " + numberToFixed(0.07, 2),
"numberToFixed(0.0000000006, 1) => " + numberToFixed(0.0000000006, 1),
"numberToFixed(0.0000000006, 0) => " + numberToFixed(0.0000000006, 0)
].join("\n"));
For example, 5 * 1.015 does not give exactly
5.075 and 0.06+0.01 does
not give exactly 0.07 in javascript.
ECMAScript numbers are represented in binary as IEEE-754 (IEC 559)
Doubles, with a resolution of 53 bits, giving an accuracy of
15-16 decimal digits; integers up to just over 9e15 are
precise, but few decimal fractions are. Given this, arithmetic
is as exact as possible, but no more. Operations on integers
are exact if the true result and all intermediates are integers
within that range.
In particular, non-integer results should not normally be compared for equality; and non-integer computed results commonly need rounding; see How do I format a Number as a String with exactly 2 decimal places?
Otherwise, use Math.round on the results of expressions which
should be of integer value.
Method parseInt generally needs a second parameter, radix,
for the base (from 2 to 36).
If radix is omitted, the base is determined by the contents of
the string. Any string beginning with '0x' or '0X' represents a
hexadecimal number. A string beginning with a leading 0 may be parsed as
octal (as if raxix were 8), in ECMA-262 Ed 3 (octal digits are 0-7).
If string '09' is converted to 0.
To force use of a particular base, use the radix
parameter: parseInt("09", base).
Variables are not typed; their values are. The conversion between a string and a number happens automatically.
The addition operator (+) performs concatenation if either operand is a
string, thus "1" + 1 results "11". To perform addition, you might need
to first convert the string to a number. For example +varname or
Number(varname) or parseInt(varname, 10) or
parseFloat(varname). Form control values are strings, as is the result
from a prompt dialog. Convert these to numbers before performing
addition: +'1' + 1 results 2.
Math.random() returns a value R such that 0 <= R < 1.0; therefore:
// positive integer expected
function getRandomNumber(n) {
return Math.floor(n * Math.random());
}
0 to n - 1 inclusive; use getRandomNumber(n)+1 for 1 to n.
A native object is any object whose semantics are fully defined by ECMA-262.
Some native objects are built-in; others, such as user-defined objects, may be constructed during the execution of an ECMAScript program.
Example:
// Native built-in objects:
var m = Math, // Built-in Math object.
slice = Array.prototype.slice, // Built-in native method.
o = {}, // Native user-defined object.
f = function(){}, // Native user-defined function.
d = new Date(),
a = [],
e = new Error("My Message.");
A built-in object is any object supplied by an ECMAScript implementation, independent of the host environment, that is present at the start of the execution of an ECMAScript program.
ECMA-262 3rd Edition defines the following built-in objects:
ECMA-262 Edition 5 defines also the built-in object JSON.
Nonstandard built-in objects may include RuntimeObject,
String.prototype.link, CollectGarbage, and more.
A host object is any object supplied by the host environment to complete the execution environment of ECMAScript.
A host object is not part of the ECMAScript implementation, but is exposed to the ECMAScript implementation.
A host object may be implemented as a native ECMAScript object, however this is not required. For example, Internet Explorer implements many scriptable DOM objects as ActiveX Objects, often resulting in unexpected errors.
Availability and behavior of a host object depends on the host environment.
For example, in a browser, XMLHttpRequest might be available, with or
without standard or proprietary features or events. Windows Script Host object model
has the WScript object available.
For information on a particular host object, consult the pertinent documentation available for the implementation(s). For web browsers, this usually includes the w3c specifications as well as documentation for that browser. See also:
The eval function should only be used when it is necessary to
evaluate a string supplied or composed at run-time; the string
can be anything from a simple (but unpredictable) expression such
as "12 * 2.54" to a substantial piece of javascript code.
When eval( '{"key" : 42}' ) is called, { is interpreted as a block of
code instead of an object literal. Hence, the Grouping Operator (parentheses)
is used to force eval to interpret the JSON as an object literal:
eval( '({"key" : 42})' );.
There are two ways to access properties: dot notation and square bracket notation. What you are looking for is the square bracket notation in which the dot, and the identifier to its right, are replaced with a set of square brackets containing a string. The value of the string matches the identifier. For example:-
//dot notation
var bodyElement = document.body;
//square bracket notation, using an expression
var bodyElement = document["bo"+"dy"];
ECMAScript Edition 5 specifies String.prototype.trim(). Where not implemented,
it can be defined as a method that uses a regular expression:
if (typeof String.prototype.trim != "function")
{
String.prototype.trim = function () {
return this.replace(/^\s+/, "").replace(/\s+$/, "");
};
}
Implementations are inconsistent with \s. For example,
some implementations, notably JScript 5.8 and Safari 2, do not match \xA0
(no-break space), among others.
A more consistent approach would be to create a character class that defines the characters to trim. For example, the following method trims exactly the characters that should be trimmed by a conforming implemenation of ECMAScript Ed. 5.1 (WhiteSpace and LineTerminator):
if (typeof String.prototype.trim != "function")
{
String.prototype.trim = (function () {
var sWhiteSpace = "[\\u0009\\u000A-\\u000D\\u0020\\u00A0"
+ "\\uFEFF\\u2028\\u2029]";
var _prefix = new RegExp("^" + sWhiteSpace + "+");
var _suffix = new RegExp(sWhiteSpace + "+$");
return function () {
return this.replace(_prefix, "").replace(_suffix, "");
};
}());
}
In HTML documents, a form may be referred to as a property of the
document.forms collection, either by its ordinal index or by name
(if the form has a name). A form's controls may be similarly referenced
from its elements collection:
var frm = document.forms[0];
var control = frm.elements["elementname"];
Once a reference to a control is obtained, its (string) value
property can be read:-
var value = control.value;
value = +control.value; //string to number.
First Exception: Where the control is a SELECT element, and
support for older browsers, such as NN4, is required:
var value = control.options[control.selectedIndex].value;
Second Exception: Where several controls share the same name, such as radio buttons. These are made available as collections and require additional handling. For more information, see:-
Third Exception: File inputs. Most current browsers do not allow
reading of type="file" input elements in a way that is useful.
Form controls with any "illegal" characters can be accessed with
formref.elements["myselect[]"] - The bracket characters,
amongst others, are illegal in ID attributes and javascript
identifiers, so you should try to avoid them as browsers may
handle them incorrectly.
Microsoft introduced a shortcut that can be used to reference
elements which include an id attribute where the
id becomes a globally-accessible property. Some browsers reproduce
this behavior. Some, most notably Gecko-based browsers (Netscape and Mozilla),
do so only in "quirks" mode. The best approach is the document.getElementById
method, which is part of the W3C DOM standard and implemented
in modern browsers (including IE from version 5.0). So an
element with id="foo" can be referenced
with:-
var el = document.getElementById("foo");
Note: make sure not to use the same id twice in the same document
and do not give an element a name that matches an id
of another in the same document or it will trigger bugs in MSIE <= 7 with
document.getElementsByName and document.getElementById.
Using the non-standard but widely implemented
innerHTML property:
<div id="anID">Some Content</div> with script:
document.getElementById("anID").innerHTML =
"Some <em>new</em> Content";
Where "anID" is the (unique on the HTML page)
id attribute value of the element to modify.
All versions of Internet Explorer exhibit problems with innerHTML, including:
If the new content is only text and does not need to replace existing HTML,
it is more efficient to modify the data property of a text node.
document.getElementById("anID").firstChild.data = "Some new Text";
Compatibility Note: Implementations have been known to split long text
content among several adjacent text nodes, so replacing the data of the
first text node may not replace all the element's text. The normalize
method, where supported, will combine adjacent text nodes.
Note: Make sure the element exists in the document (has been parsed) before trying to reference it.
An element can only be accessed after it exists in the document.
Either:
A) include your script after the HTML element it refers to, or
B) use the "load" event to trigger your script.
Example A:
<div id="snurgle">here</div>
<script type="text/javascript">
// Don't forget var.
var snurgleEl = document.getElementById("snurgle");
window.alert(snurgleEl.parentNode);
</script>
Example B:
// In the HEAD.
<script type="text/javascript">
window.onload = function(){
var snurgleEl = document.getElementById("snurgle");
};
</script>
name or id
Write a cookie and read it back and check if it's the same.
The window object (also referred to by self) is "DOM Level 0".
No formal standard for it exists.
You can't. The browser's history cannot be modified. However, you
can use self.location.replace(url); in some browsers to replace
the current page in the history.
To reference another frame on the same domain:
The content window of a FRAME or IFRAME can be
accessed by the frames collection.
Example:
var fwin;
fwin = self.frames[0]; // or:
fwin = self.frames["iframeName"];
or, from the IFRAME or FRAME element:
var iframeEl = document.getElementById("myFrame");
var fwin = iframeEl.contentWindow; // Nonstandard, but widely supported.
var fdoc = iframeEl.contentDocument; // DOM2 HTML Standard.
A global identifier moomin in the the iframe's content window
is accessed as fwin.moomin.
To communicate between frames on different domains:
Where supported, (IE8, Firefox 3, Opera 9, Safari 4), use
window.postMessage( message[, port], otherDomain);.
Example: http://jibbering.com/faq/example/postMessage.html
Where window.postMessage is not supported, the window.name property
can be set on the other window, which can poll for updates to that
property using setInterval(checkWinName, 100); where checkWinName
is a function that polls to check the value of
self.name.
Here is a detailed explanation of a cross-browser strategy to find the dimensions of the viewport, excepting all chrome (excludes scrollbars, etc).
We can consider various properties:
window.innerWidth
document.clientWidth
document.documentElement.clientWidth
document.body.clientWidth
Of the browsers that have an innerWidth property, most
include scrollbar dimensions. Some versions of KHTML browsers
(including Safari 2) do not include scrollbar width.
The window.inner* properties are unreliable and not
useful here. We don't want scrollbar dimensions included.
document.clientWidth
Certain versions of KHTML, including Safari 2, have
document.clientHeight and document.clientWidth
properties. Where supported, these rare properties accurately
return the height and width of the viewport, without including
scrollbar dimensions.
document.documentElement.clientWidth
document.body.clientWidth
MSHTML (Trident), Firefox (Gecko), Opera (Presto), and Safari
(Webkit) all support clientHeight on document.body
and document.documentElement. The difficulty is figuring out
which one is reliable. In other words which object to get the
clientHeight property from:documentElement or body?
What the number returned from either of these properties
represents depends on the environment. The environment includes
the browser, its version, and the rendering mode of the document.
In quirks mode, we'll mostly want to use body.clientHeight
(except for in Safari 2).
document.body.clientHeight
Some environments will return the viewport height. Others will
return 0. Yet others will return the clientHeight of
the BODY element.
document.documentElement.clientHeight
This is the more "standard" property for getting the height of
the viewport. It usually "works" in modern browsers in
standards mode. Notable exceptions include Safari 2 and
Opera <= 9.25, both of which return the clientHeight
of the html element. (Oddly, Opera <= 9.25
in standards mode returns the width of the viewport for
documentElement.clientWidth).
With the exception of Safari 2, body.clientHeight is reliable
where documentElement.clientHeight is found to be unreliable.
For example, in Safari 3+, Opera, and Mozilla, all in quirks mode,
document.documentElement.clientHeight returns the clientHeight
of the html element (this may seem unsurprising but
it is not what we want).
Conversely, document.body.clientHeight will return
the height of the viewport in most cases where
document.documentElement.clientHeight does not. An exception
to that is Safari 2, where documentElement.clientHeight
and body.clientHeight both return the height of their
corresponding element (not what we want).
By using a combination of Feature Testing and Capability Testing, the dimensions of the viewport can be strategically retrieved from the property that works in the environment the script is running in. The trick is determining which property will give us the value we want.
Since document.clientHeight is reliable where
(rarely) supported, and since browsers that support this property
don't return the viewport dimensions from
document.body.clientHeight or
document.documentElement.clientHeight, this should be the
very first condition:
// Safari 2 uses document.clientWidth (default).
if(typeof document.clientWidth == "number") {
// use document.clientWidth.
}
The next strategy is to determine if
document.documentElement.clientHeight property is unreliable.
It is deemed "unreliable" when it is either 0 or taller
than the viewport.
Determining if documentElement.clientHeight is 0 is easy.
The result is stored in a variable IS_BODY_ACTING_ROOT.
var docEl = document.documentElement,
IS_BODY_ACTING_ROOT = docEl && docEl.clientHeight === 0;
docEl = null;
To determine if documentElement.clientHeight returns
a value taller than the viewport, we need a Capability Test.
If we can force documentElement to be very tall
(taller than a normal viewport) we can then check to see if
documentElement.clientHeight returns that "very tall" number.
If it does, then it is unreliable.
We can force documentElement to be taller than the viewport
(or any "normal" viewport) by adding a div to the body,
give that div a height larger than any normal monitor,
and then check to see if documentElement.clientHeight is
that high (or "almost" that high, to account for documentElement
having a border).
// Used to feature test Opera returning wrong values
// for documentElement.clientHeight.
// The results of this function should be cached,
// so it does not need to be called more than once.
function isDocumentElementHeightOff(){
var d = document,
div = d.createElement('div');
div.style.height = "2500px";
d.body.insertBefore(div, d.body.firstChild);
var r = d.documentElement.clientHeight > 2400;
d.body.removeChild(div);
return r;
}
We can use this function to see if we should use
body.clientHeight, instead. (but only after checking if
document.clientHeight is supported).
// Safari 2 uses document.clientWidth (default).
if(typeof document.clientWidth == "number") {
// use document.clientHeight/Width.
}
else if(IS_BODY_ACTING_ROOT || isDocumentElementHeightOff()) {
// use document.body.clientHeight/Width.
} else {
// use document.documentElement.clientHeight/Width.
}
The preceding strategy was developed by Garrett Smith with input
from John David Dalton. A complete and tested example can be found
in APE Library under APE.dom.getViewportDimensions.
Source code:
http://wayback.archive.org/web/20110814142717/http://dhtmlkitchen.com/ape/build/dom/viewport-f.js.
APE is publicly released under Academic Free License.
APE home: http://wayback.archive.org/web/20110628160010/http://www.dhtmlkitchen.com/ape/.
Note: The dimensions cannot be determined accurately until after the document has finished loading.
var myWin;
function openWin(aURL) {
if (!myWin || myWin.closed ) {
myWin = window.open(aURL,'myWin');
} else {
myWin.location.href = aURL;
myWin.focus();
}
}
Popup windows cause usability problems and are generally best avoided.
IE prints the frame that has focus when you call the print
method frameref.focus();frameref.print();
If a window was opened by javascript, then it can be closed
without confirmation by using windowRef.close().
Before calling windowRef.close() (or other window methods), make
sure the window reference is not null and its closed property is false.
Popup windows cause usability problems and are generally best avoided.
In the normal browser security model, a script may only access the properties of documents served from the same domain or IP address, protocol, and port.
Any attempt to access a property in such cases will result in a "Permission Denied" error. Signed scripts or trusted ActiveX objects can overcome this in limited situations.
There is no built-in way to pause execution in javascript such
as a sleep function, but hosts usually provide a method of some
form. Web browsers are designed for event driven programming and
only provide the setTimeout and setInterval functions
to facilitate timed delays. The delay before calling getSnork may
exceed the second parameter to setTimeout and setInterval
due to implementation differences among browsers.
To call the function getSnork, approximately 10 seconds
after the function getMoomin() completes, you would do this:
getMoomin();
setTimeout(getSnork, 10000);
Script execution is not stopped, and adding getSnufkin() after the
setTimeout line would immediately execute the function getSnufkin
before getSnork.
Achieving delays through running a loop of some sort for a pre-defined period is a bad strategy, as that will inhibit whatever was supposed to be happening during the delay, including blocking user interation.
Other (less event driven) hosts have different wait functions,
such as WScript.Sleep() in the Windows Script Host.
In a normal security environment, you can't change anything.
Print Stylesheet rules provide options.
For IE, ActiveX or Plugin ScriptX and
Neptune from Meadroid to give you more control for Windows
versions of Internet Explorer, Netscape, and Opera.
The buttons on a confirm box cannot be changed, nor can a default button be specified.
Change the question to a statement so that "OK" is suitable as the default response.
Example: "Would you like us to charge your credit card?" (wrong) "We will now charge your credit card." (right).
It is not possible with client-side javascript.
Some browsers accept the Content-Disposition header, but this
must be added by the server. Taking the form:-
Content-Disposition: attachment; filename=filename.ext
In a default security environment you are very limited in how much
you can modify the current browser window. You can use
window.resizeTo or window.moveTo to resize or move a
window respectively, but that is it. Normally you can only
suggest chrome changes in a window.open.
Use the target attribute on the form, opening a window with that name and your feature string in the onsubmit handler of the FORM.
<form action="" method="post"
target="wndname" onsubmit="window.open('',this.target);return true;">
New windows can be opened on browsers that support the
window.open function and are not subject to the action of any
pop-up blocking mechanism with code such as:-
var wRef;
if(window.open){
wRef = window.open("http://example.com/page.html","windowName");
}
Ajax
is shorthand for Asynchronous JavaScript and XML. The technology is
based on the XMLHttpRequest Object. At its simplest,
it is the sending/retrieving of new data from the server without
changing or reloading the window location.
Although XMLHttpRequest can be used to download
entire pages, it is often used for downloading small pieces
of data that can be used to update the current page.
Use a server-side language to generate the javascript.
Certain characters of ECMAScript strings must be escaped by backslash. These include quote marks, backslash, and line terminators.
JSP Example, using Apache Commons: org.apache.commons.lang.StringEscapeUtils:
var jsVar = "<%= StringEscapeUtils.escapeJavaScript(str) %>";
PHP example using addcslashes:
var jsVar = "<?php echo addcslashes($str,"\\\'\"\n\r"); ?>";
This cannot be done reliably. Here's why:
You trigger a server-side script by sending an HTTP request.
This can be achieved by setting the src of an img,
Image, frame, or iframe, or by using XHR, where supported.
An image will also "swallow" the data sent back by the server, so that they will not be visible anywhere.
var dummyImage = new Image();
dummyImage.src = "scriptURL.asp?param=" + varName;
Mozilla, Opera 7.6+, Safari 1.2+, and Windows IE 7
provide the XMLHttpRequest object
(Windows IE versions 5+, provides ActiveX to acheive an analagous
effect). XMLHttpRequest can send HTTP requests to
the server, and provides access the responseText or responseXML
(when the response is XML), and HTTP header information.
Images are cached by the browser depending on the headers sent by the server. If the server does not send sufficient information for the browser to decide the image is cacheable, the browser will check if the image has been updated every time you change the src of an image (in some user settings). To overcome this you must send suitable headers.
To reload a page, use location.reload(). However, this depends
upon the cache headers that your server sends. To change this,
you need to alter the server configuration. A quick fix on the
client is to change the page URI so that it contains a unique
element, such as the current time. For example:
location.replace(location.href+'?d='+new Date().valueOf())
If the location.href already contains a query String, use:
location.replace(location.href+'&d='+new Date().valueOf())
Browsers cache the results of HTTP requests to reduce network traffic.
To force the browser to request the document from the server, either
set the EXPIRES and/or CACHE-CONTROL response header(s)
with a past date or use a unique query string.
req.open("GET", "/example.jsp?date=" + (+new Date), true);
POST
to prevent caching. See RFC 2616.
There are debugging tools for many browsers. Learn to use them all.
Tools, Internet Options, Advanced, and uncheck
Disable Script Debugging. After enabling Script Debugging,
a Script Debugger option will appear in the View menu.console for IE.Internet Options, Advanced, deselect "Disable Script Debugging",
select "Display a notification ...".
Tools > Error console (Ctrl + Shift + j).
Develop menu in Safari 3.1 or higher, select
the checkbox labeled "Show Develop menu in menu bar" in
Safari's Advanced Preferences panel.
Page menu icon and select
Developer > JavaScript Console. From here, you'll be
able to view errors in the JavaScript execution, and enter
additional javascript commands to execute.
Page menu icon > Developer
> Debug JavaScript, the debugger provides a command prompt from which you
can set breakpoints, backtrace, and more. Type help at the debugger
command line to get started.
The short answer: Don't do that.
The navigator host object contains properties which
may identify the browser and version. These properties are historically
inaccurate. Some browsers allow the user to set navigator.userAgent to any value. For
example, Firefox, (type about:config and search useragent
or Safari, Develop > User Agent > Other..., IE, via Registry.
Other browsers, such as Opera, provide a list of user agents for the user to select from. There are also at least 25 other javascript capable browsers, with multiple versions, each with their own string.
Browser detection is unreliable, at best. It usually causes forward-compatibility and maintenance problems. It is unrelated to the problem or incompatiblity it is trying to solve and obscures the problems it is used for, where it is used.
Object detection is checking that the object in question exists. Capability detection goes one step further to actually test the object, method, or property, to see if behaves in the desired manner.
Feature Test Example:
/**
* Returns the element/object the user targeted.
* If neither DOM nor IE event model is supported, returns undefined.
* @throws TypeError if the event is not an object.
*/
function getEventTarget(e) {
e = e || window.event;
// First check for the existence of standard "target" property.
return e.target || e.srcElement;
}In practice you can't. While you could create a suitable encryption system with a password in the page, the level of support you need to do this means it's always simpler to do it server-side. Anything that "protects" a page other than the current one is definitely flawed.
With clientside javascript you can't as your code is distributed in source form and is easily readable. With JScript, there is the Script Encoder (see MSDN), but this is nothing more than obfuscation. Attempting to disable the context menu does nothing to protect your script in a Web browser.
A context menu, often triggered by right-click, can be requested by the user in a few ways. For example, on windows, shift + F10 and on macs, click-and-hold. Other input devices exist and mouse buttons can be configured, making the term "right click" a misnomer, in context.
In browsers that allow it, a script can suppress the context menu by
returning false from an object's oncontextmenu event handler.
document.oncontextmenu = function() {
return false;
};
Some browsers lack context menus (e.g. iphone). Browsers that have context menus do not always have a scriptable event for them. Some browsers can be configured to disallow scripts from detecting context menu events (IE, Opera); others may fire the event but be configured to disallow scripts from suppressing the context menu (Firefox,Seamonkey).
Even when the context menu has been suppressed, it will still be possible to view/save the source code and to save images.
Security means that by default you can't. In a more restricted environment, there are options. For example, using LiveConnect to connect to Java with Netscape, and using the FileSystemObject in IE. Check Google Groups archives for previous posts on the subject.
Whatever the rest of your question, this is generally a very bad idea.
The javascript: pseudo protocol was designed to replace the
current document with the value that is returned from the expression.
For example:
<a href="javascript:'<h1>' + document.lastModified + '</h1>'">lastModified</a>
will result in replacing the current document with the value
returned from document.lastModified, wrapped in an <h1>
tag.
When the expression used evaluates to an undefined value
(as some function calls do), the contents of the current page are not
replaced. Regardless, some browsers (notably IE6) interpret this as
navigation and will enter into a 'navigation' state where GIF
animations and plugins (such as movies) will stop and navigational
features such as META refresh, assignment to location.href, and image
swaps fail.
It is also possible for IE to be configured such that it supports
javascript but not the javascript: protocol. This results
in the user seeing a protocol error for javascript: URIs.
The javascript: pseudo protocol creates accessibility and
usability problems. It provides no fallback for when the script is not
supported.
Instead, use
<a href="something.html" onclick="somefunction();return false">
where something.html is a meaningful alternative. Alternatively,
attach the click callback using an event registry.
14 Comments and Suggestions
This FAQ uses the CSS stylesheet faq.css and is generated from the XML source index.xml using the XSLT stylesheet index.xsl.
14.1 Why do some posts have <FAQENTRY> in them?
If a poster feels that the question they are answering should be covered in the FAQ, placing <FAQENTRY> in the post lets the FAQ robot collect the messages for easy review and inclusion. A Draft Proposal for the FAQ is requested and appreciated.
The <FAQENTRY> should not be used in posts except in conjunction with a suggestion/proposal for this FAQ. It should also not be literally quoted in replies, instead it should be partly obscured as, e.g. <FAQ**TRY> or similar.
14.2 How do I make a suggestion?
To make a suggestion to this FAQ, use either the FAQENTRY method above, or send e-mail to Thomas 'PointedEars' Lahn <cljs@PointedEars.de> (editor). All comments, suggestions, and especially corrections are welcome, and will be credited, where it is due, below.
14.3 Contributors
(non-exhaustive, in alphabetical order; see changelog for details)