We have a security screen that opens a popup dialog box using a new custom script showWin that I wrote.
The security screen:
Private Sub SecCheck()
Dim sScreenName As String = String.Format("{0}", Request("SCREEN"))
Dim memb As MembershipUser = Membership.GetUser(User.Identity.Name)
If Roles.IsUserInRole(memb.UserName, sScreenName) Then
Dim params As String = String.Format("{0}", Request("PARAMS"))
If Not String.IsNullOrWhiteSpace(params) Then
params = String.Format("?{0}", Request("PARAMS").Replace("$", "&"))
End If
Dim size As Size = ClaimsInfo.SecurityDB.GetScreenSize(sScreenName)
' Derive Java String
Dim target As String = String.Format("frm{0}.aspx", sScreenName)
Dim link As String = String.Format("{0}{1}", target, params)
Dim height As String = CStr(size.Height)
Dim width As String = CStr(size.Width)
Dim parent As String = "self" ' Session("IFrame")
If (String.IsNullOrEmpty(parent)) Then
parent = "_blank"
End If
Dim js As String = String.Format("showWin('{0}', {1}, {2}, 1, '{3}', '{4}');self.close();", link, width, height, target, parent)
imgSec1.Attributes.Add("onLoad", js)
End If
End Sub
I have placed a breakpoint where js is defined above, and I can see that the text being sent is:
showWin('frmHEIPayment.aspx', 886, 505, 1, 'frmHEIPayment.aspx', 'self');self.close();
Every time I call it, the dialog opens full screen. I've even edited the JavaScript command line above to use the sizes 200 and 200, but the dialog still opens the full size.
The JavaScript for showWin is below:
function showWin(link, width, height, type, target, sParent) {
width = width || 400;
height = height || 200;
var features =
'width:' + width + 'px,' +
'height:' + height + 'px,' +
'toolbar=no,' +
'location=no,' +
'menubar=no,' +
'resizable=yes,' +
'scrollbars=yes';
target = target || "_blank";
var childWindow = window.open(link, target, features);
switch (type) {
case 0:
return false;
break;
case 1:
__doPostBack();
sParent = sParent || "self";
childWindow.opener.location = sParent;
break;
case 2:
CloseDialogSessionExpired(window, 2)
return false;
break;
default:
return false;
break;
}
}
Also, showWin does not close the security screen with self.close() like what happens whenever I use our older jsOW (JavaScript Open Window) code.
I need to replace our older jsOW JavaScript that uses IE's window.showModalDialog:
function jsOW(link, width, height, type, sName) {
var sFeature = "status:no;dialogWidth:" + width + "px;dialogHeight:" + height + "px;dialogHide:true;help:no;scroll:no";
if (type == "1") {
var vVar = window.showModalDialog(link, window, sFeature);
if (typeof (vVar) == 'boolean') {
return vVar;
} else {
switch (vVar) {
case 0:
return false;
break;
case 1:
__doPostBack();
break;
case 2:
CloseDialogSessionExpired(window, 2)
return false;
break;
default:
return false;
break;
}
}
}
}
It displays the form with the correct size, but it only works in IE or Edge in Compatibility Mode.
How do I get this JavaScript to work?
The syntax does not use a ":" but you are to use a "="
eg;
window.open('mychild.aspx', 'childWindow', 'width=800px, height=400, top=200, left=200')
Hence try this:
var features =
'width=' + width + 'px,' +
'height=' + height + 'px,' +
'toolbar=no,' +
'location=no,' +
'menubar=no,' +
'resizable=yes,' +
'scrollbars=yes';
And you as a general rule don't have to supply the 'px' part. And you can add to above top=200, left=200 if you want to move the window down from upper left.
Note that for security reasons, quite a few browsers now don't hide the URL.
Also, as per my other comments, keep in mind that window.open() can be used, and such popups will not be blocked WHEN the code running is a result of user button click. For injected script, or even existing script (say to run on page load), then the popup blockers will block such windows. So, keep this "concept" of user code in the browser - popups should and can work just fine as long as the code running was triggered by an actual user button click.