How to really, really hack people off

Found a bit of a hack for Javascript – namely a way to inundate a user with windows – using MAILTO:

Consider this code:
<script>


var i;

for (i=0; i<5; i++) {

	window.location='mailto:example@example.com';

}

</script>
You see what I mean? Worse might be
<script> var i; i = window.location; window.location='mailto:andy@novolocus.com'; window.location = i; </script>
Recursion is great, huh?

And an example is this link: Click with care

Pop-up blockers don’t seem to catch this one. Yum.

I know some people will say that this is correct functionality – the browsers is doing what we tell it too with the code. However, that’s true of browser pop-up windows – and we have to block them.

I don’t think that Javascript’s Window.location should be allowed to go to a MAILTO:.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Cancel

Connecting to %s

Andy Burns' Blog

Whatever I'm working on

How to really, really hack people off

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply