views:

291

answers:

1

Hey there,

This is the situation. I'm trying to provide a service where someone embedds an iframe on their website with a form in it. At the end when an ajax request comes in again I want to pop a new window with a thank you note in it. window.open does not work and my guess is because the window object belongs to the page that embedds it and not the iframe and would then be considered cross-site scripting. Is there another way of doing this?

A thought I had was, that I can create links with target="_new" in my iframe, and clicking that would actually pop another window. Maybe I could create this link and "click"/trigger it with javascript?

I do have control over what the user embedds so potentially I could include a script there too, but the less code there, the better obviously.

Any takes?

+2  A: 

window.open does not work and my guess is because the window object belongs to the page that embeds it

I don't think so. window as seen by your script will generally be the window object of the document inside the iframe.

More typically, a window.open on an XMLHttpRequest completion will be blocked by browsers' built-in pop-up-blockers. They usually only allow new windows to be opened in direct response to user interaction (typically, in the onclick event handler).

Maybe I could create this link and "click"/trigger it with javascript?

No, otherwise everyone would be doing that to circumvent blockers!

If you're starting an XHR and you know you're going to need a pop-up in the future you'll have to open it now and put some filler content in until the XHR returns, at which point you can update its contents.

bobince