views:

417

answers:

4

I used to be able to do this to create an exported HTML page containing some data. But the code is not working with the latest version of Google Chrome (It works all right with Chrome 5.0.307.11 beta and all other major browsers).

function createExport(text) {  
    var target = window.open();  
    target.title = 'Memonaut - Exported View';  
    target.document.open();  
    target.document.write(text);  
    target.document.close();  
}

Chrome now complains that the domains don't match and disallows the JavaScript calls as unsafe. How can I access and modify the document of a newly opened browser-tab in such a scenario?

A: 

Here is the explanation I think

http://groups.google.com/group/chromium-dev/browse_thread/thread/9844b1823037d297?pli=1

Are you accessing any data from other domain? Not sure, but that might be causing this problem.

Ismail
i'm using the file:// protocol. the source is a local HTML page file://memonaut.html. The new tab opened opens as "about:blank". in the other browsers, the previous filename is inherited. ie, in IE, Firefox etc the address bar of the new tab shows file://memonaut.html itself
sonofdelphi
The same error message, but this is unrelated to cross-origin XHR.
Marcel Korpel
A: 

One alternative would be a data: protocol URL.

https://developer.mozilla.org/en/data_URIs

http://msdn.microsoft.com/en-us/library/cc848897%28VS.85%29.aspx

var durl = "data:text/html," + encodeURIComponent(text);
var target = window.open(durl);

Supported in all modern browsers except IE7 and below.

greim
Doesn't work for me in Chromium, not using a local file via file:// protocol, not using http://localhost/foo (works as expected in Firefox, though that browser's pop-up blocker starts to complain, where it doesn't when using the code shown by the OP).
Marcel Korpel
+2  A: 

I also got this problem when using a local page using the file:// protocol (in Chromium 5.0.342.9 (Developer Build 43360) under Linux). The exact error message is:

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file:///home/foo/bar/index.htm. Domains, protocols and ports must match.

Apparently the protocols don't match, but the good news is: when this page on a web server, Chromium also opens a new window as "about:blank", but it doesn't complain any longer. It also works when using a local web server accessed via http://localhost.

EDIT: there is bug filed upstream about this. According to this comment, it is fixed and it will be rolled into trunk shortly.

UPDATE: this bug is now fixed, the following test case works properly:

var target = window.open();
target.title = 'Memonaut - Exported View';
target.document.open();
target.document.write("test");
target.document.close();
Marcel Korpel
it is very strange that it happens only for file:// then. :S. about:blank has a same protocol match with http:// but not with file://... "special-case" code somewhere?I could also find some information about restrictions being imposed on JavaScript for window.open(), because it is opened in a separate window. http://www.google.com/chrome/intl/en/webmasters-faq.html#newtabis there a way to force the new tab as a child then?
sonofdelphi
Also, this behavior is not present in build 5.0.307.11.
sonofdelphi
@sonofdelphi: As the article states, a new tab will be opened as a child as long as you don't give the new tab a different domain, port, or protocol, if I understand it correctly. I'm sorry, I don't know a way of testing this. Nevertheless, your original error is due to http://code.google.com/p/chromium/issues/detail?id=37417
Marcel Korpel
thanks for the link marcel. seems the chrome team will restore the functionality.
sonofdelphi
A: 

you can also try closing self tab/window by using this code,

originally I've made this small greasemonkey script sometime ago in order to close bad popups and ad windows, it worked fair (not too brilliant though)...

//window.addEventListener("load", function () {
window.addEventListener("onbeforeunload", function () {
    try {
        // clear inner html content to prevent malicious JS overrides. 
        document.getElementsByTagName("html")[0].innerHTML = "";

        window.open("javascript:window.close();", "_self", "");
        window.open("javascript:window.close();", "_self", "");
    }
    catch (e) {}
}(), false);
Elad Karako