Currently working on a case involving Indecent images of children. The accused has stated that they did not search for the web pages, and that they appeared when closing other windows due to java script.
I'm not that up on Java Script, what code would be present on a web page for the above to happen. So that when you close a window it would open up another website in a new window??
Had a look online but could only find java for onclick"=window.open, which i think would mean that if you click on a link, button etc it would open a new web page.
Cheers
The following will open a page if you try to close the Window.
<body onLoad="closing=true" onUnload="if (closing) window.open('showCPimages.html','CPwin');">
<a href="gowhereIwant.htm" onClick="closing=false">Click to go to another page..</a>
I have also seen embedded, hidden IFRAMEs where code has been downloaded without the user's consent.
…what code would be present on a web page for the above to happen. So that when you close a window it would open up another website in a new window? …
"onunload" is a possibility.
Thanks very much for that peeps, i'll take a look at those.
Cheers
Hi,
I'm a web-developer. I normally just lurk here but I thought I would chip in. The example code here is called "inline javascript". That means that the Javascript is written directly into the HTML Tags
[php]
<body onLoad="closing=true" onUnload="if (closing) window.open('showCPimages.html','CPwin');">
[/php]
There is also another method to open up popup windows. Many newer websites use external javascript libraries, such as jquery.js or prototype.js. These files are linked at the top of the page between <head> and </head>. It is worth checking through ALL externally linked javascript files too, and not just the HTML source code.
A typical popup could look like this
[php]
jQuery(window).bind("unload", function() {
//popup code here
});
[/php]
Hope this helps.
Regards
Dave
Good point, Dave. In fact, Javascript libraries can hold all sorts of mean things and unless you are prepared to wallow through it, you might consider something like Gargoyle which does a good job of spotting Javascript exploits.